[Herefordshire] I am in a real bind!!!
Mark Broadbent
markb at wetlettuce.com
Tue Jun 21 22:56:49 BST 2005
Hi Andrew,

On Tue, 2005-06-21 at 08:58 +0100, Andrew Hodgson wrote:
> Hi,
>
> I am wondering whether any of you on the list can help me with a bit of a
> DNS quandary I am in.
>
> I am going on broadband tomorrow and my ISP has given me an IP block
> 81.2.105.208/28. I have to host PTR records on my DNS server using the
> subnetted style 208-223.105.2.81.in-addr.arpa. - this is fine. The ISP host
> the zone 105.2.81.in-addr.arpa (or most of it), and have created CNAME
> records pointing to the subnetted zone, listing my public nameserver as the
> primary for the subnetted zone.

It should be possible to create the 208-223 zone in your DNS setup to
place your PTR information and (by virtue of a zone not being in your
local configuration) let other hosts be resolved externally.

>
> However, I run a split horizon DNS setup with the public information on one
> server and LAN-specific information on the other. This is mainly because
> our lan uses the subdomain ad.hodgsonfamily.org. I host the records on both
> on two completely different instances.

If you're running a split DNS, can you not configure the internal DNS
server to forward requests onto the external server that it cannot
resolve (i.e. external addresses)? It should be a simple matter of
inserting a forwarder statement in the configuration (if you're using
bind9).

> The issue I have is I want to create the reverse zone for inside my LAN, but
> here I have an issue, as if I created 105.2.81.in-addr.arpa, the rest of
> that zone (i.e, for IP addresses I don't own) are not being resolved since
> the DNS server can pick up the zone locally. If I create the subnetted
> zone, there would be no CNAME records in the parent to get resolution
> working.

I'm a little confused about your usage of CNAME here. IIRC a CNAME is
used to point to an A or another CNAME record when performing forward
lookups (name to IP). When performing reverse DNS there are only PTR
records to tie the *.in-addr.arpa IP addresses to a name.

Correct me if I'm wrong but do you mean that you are the authoritative
nameserver for these PTR records? In fact (answering my own question) I
know you are, try:

$ whois -B 81.2.105.209

As I said above, just create an appropriate zone (on your external-facing
server) and forward requests internal -> external.

(In bind the PTR records are like so:
1 IN PTR bob.wetlettuce.com.
)

Thanks
Mark
--
Mark Broadbent <markb at wetlettuce.com>
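
The layout Andrew describes, with CNAMEs in the ISP's 105.2.81.in-addr.arpa zone pointing into the subnetted zone, as an added Python sketch that is not part of the original thread. It builds the names for 81.2.105.208/28 and follows the chain a resolver takes for an address inside and outside the block. The function names, the PTR target `gw.example.org.` and the choice of one CNAME per address in the block are assumptions made for illustration.

```python
import ipaddress


def classless_zone(cidr):
    """Subnetted zone name in the 'first-last' style used in the post."""
    net = ipaddress.ip_network(cidr)
    if net.version != 4 or net.prefixlen <= 24:
        raise ValueError("expects an IPv4 block smaller than a /24")
    first = str(net.network_address).split(".")
    last = str(net.broadcast_address).split(".")[3]
    return f"{first[3]}-{last}.{first[2]}.{first[1]}.{first[0]}.in-addr.arpa."


def parent_cnames(cidr):
    """CNAMEs held in the parent /24 zone (assumed: one per address in the block)."""
    zone = classless_zone(cidr)
    return {
        addr.reverse_pointer + ".": f"{int(addr) & 0xFF}.{zone}"
        for addr in ipaddress.ip_network(cidr)
    }


def resolve_ptr(ip, parent, child):
    """Return (names queried, PTR target): parent CNAME first, then the subnetted zone."""
    qname = ipaddress.ip_address(ip).reverse_pointer + "."
    chain = [qname]
    target = parent.get(qname)
    if target is None:
        # Outside the delegated block: only the parent zone is involved.
        return chain, None
    chain.append(target)
    return chain, child.get(target)


BLOCK = "81.2.105.208/28"                 # block quoted in the post
PARENT = parent_cnames(BLOCK)             # what the ISP's zone would carry
CHILD = {f"209.{classless_zone(BLOCK)}": "gw.example.org."}  # constructed PTR record

if __name__ == "__main__":
    for ip in ("81.2.105.209", "81.2.105.10"):
        print(ip, resolve_ptr(ip, PARENT, CHILD))
```

A server that is authoritative only for the subnetted zone never has to answer for the rest of the /24: names outside the block do not map into its zone at all.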